# Security

<children></children>

For other security tips, visit our guide to
[security best practices](https://coder.com/docs/tutorials/best-practices/security-best-practices.md).

## Security Advisories

> [!CAUTION]
> If you discover a vulnerability in Coder, please do not hesitate to report it
> to us by following the [security policy](https://github.com/coder/coder/blob/main/SECURITY.md).

From time to time, Coder employees or other community members may discover
vulnerabilities in the product.

If a vulnerability requires an immediate upgrade to mitigate a potential
security risk, we will add it to the below table.

Click on the description links to view more details about each specific
vulnerability.

---

| Description                                                                                                                                   | Severity | Fix                                                            | Vulnerable Versions |
|-----------------------------------------------------------------------------------------------------------------------------------------------|----------|----------------------------------------------------------------|---------------------|
| [API tokens of deleted users not invalidated](https://github.com/coder/coder/blob/main/docs/admin/security/0001_user_apikeys_invalidation.md) | HIGH     | [v0.23.0](https://github.com/coder/coder/releases/tag/v0.23.0) | v0.8.25 - v0.22.2   |